Organizations are scaling Kubernetes deployments with container platforms running on a mix of on-prem, cloud, and multi-cloud infrastructure. However, not all users are taking a standardized approach to building multiple clusters on a common distribution and on a single infrastructure with common security tools.

Downtime is expensive and applications are a challenge to troubleshoot across a dynamic, distributed environment consisting of Kubernetes clusters. While development teams and service owners typically understand the microservices they are deploying, it’s often difficult to get a complete, shared view of dependencies and how all the services are communicating with each other across a cluster. Limited observability makes it extremely difficult to troubleshoot end-to-end connectivity issues which can impact application deployment.

The majority of operational problems inherent to deploying microservices in a distributed architecture are linked to two areas: networking and observability. At the application layer (Layer 7), the need to understand all aspects associated with service-to-service communication within the cluster becomes paramount. Service-to-service network traffic at this layer is often using HTTP. DevOps teams struggle with these questions: Where is monitoring needed? How can I understand the impact of issues and effectively troubleshoot? And how can I effectively protect application-layer data?

Learn how Calico Enterprise can help in troubleshooting Kubernetes Calico networking and network policies.

CVE-2020-8554 is a vulnerability that allows Kubernetes Services to intercept cluster traffic to any IP address. Users who can manage services can exploit the vulnerability to carry out man-in-the-middle (MITM) attacks against pods and nodes in the cluster. All Kubernetes versions including the latest release (v1.20) are vulnerable to this attack. If your cluster is multi-tenant, or allows unprivileged users to create and update services, you are impacted.

Managing multiple Kubernetes clusters can become time consuming and complex. Calico Enterprise can help with built in multi-cluster management capabilities to simplify deployment and ongoing operations, including securing interactions between the clusters, and providing cross-cluster service discovery.

In this talk, we will explore how to meet common enterprise security control needs when running Kubernetes. We will look at a range of common enterprise security needs and how you can meet these with standard Kubernetes primitives and open source projects such as Calico, or take it a step further with the additional features of Calico Enterprise.

Kubernetes Ingress introduces challenges that require important architectural decisions. In this session, we will explain the options available and how to select the right one. You’ll see a live demo and will receive all manifests and walkthroughs required to repeat the training on your own after the training session.

At Tigera, we’re excited that our two leading Kubernetes solutions, Calico and Calico Enterprise, are now available as AWS Quickstarts. Everything you need to take advantage of Calico and Calico Enterprise is installed and configured in your EKS cluster, enabling you to immediately take advantage of a full set of Kubernetes security, observability and networking features. In this fireside chat, you will learn about the value of using Calico with EKS in a Quickstart Kubernetes environment, including.